Skip to content

Incorrect zstandard dependency on master #2350

Closed
@aiven-anton

Description

@aiven-anton

See comments here.

There is no python-zstandard package on PyPI which makes this a security issue because a bad actor can claim that name and publish a malicious package. I believe this should really point to just zstandard.

Also, even if just for the sake of checking installation, it would be great if this is actually covered by CI, ie checking that installing all the extras works without blowing up.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions